Vulnerability Management at the Crossroads, part I

The process of systematic assessment and remediation of security vulnerabilities in a corporate network is a well-known security practice with more than a decade of widespread adoption by security aware organizations worldwide. For more than ten years, vulnerability scanning, patch management and configuration management products–the three pillars of today's most popular vulnerability management strategies–have proven to be an attractive source of revenues for several start-up security companies. They thrive on selling software to organizations seeking to improve their security postures that detects security bugs and deploy patches across the network. This article provides an introductory view of vulnerability management technology and a chronology of its adoption.